There are many types of applications where that level of privacy would not be okay. But actually protecting the users' privacy is non-trivial. Short of encrypting all user-provided data, I don't see how you could prevent every startup employee from seeing any data.
Larger companies usually separate their operations and development teams, partially for this reason. Developers aren't allowed to access production data or servers. That at least limits the number of people with access to a trusted few, at the cost of a substantially more complicated development/release process.